Malware created by North Korean hacker group invades nuclear power plant network
The international hacker group Lazarus Group (HIDDEN COBRA), which conducts cyber attacks targeting financial institutions and government agencies around the world, has been linked to North Korea. Malware created by the Lazarus Group has been found to have intruded into the network of the Kudankulam nuclear power plant in India.
NPC Admission on Malware Attack
Indian nuclear power plant's network was hacked, officials confirm | Ars Technica
Hackers Target Indian Nuclear Power Plant – Everything We Know So Far
The Kudankulam nuclear power plant is a nuclear power plant in
So, it's public now. Domain controller-level access at Kudankulam Nuclear Power Plant. The government was notified way back. Extremely mission-critical targets were hit. https://t.co/rFaTeOsZrw pic.twitter.com/OMVvMwizSi — Pukhraj Singh (@RungRage) October 28, 2019
In response to this, officials of the Kudankulam nuclear power plant announced on October 29, 2019, “Nuclear power plant control systems are stand-alone and are not connected to external networks or the Internet, so they cannot be subjected to cyber attacks.” However, while denying any intrusion into the control system, they did not mention whether or not other parts had been attacked.
Then on October 30, the day after the intrusion into the control system was denied, the Indian Nuclear Power Corporation (NPCIL) acknowledged, “On the management network of Kudankulam Nuclear Power Station, we found a malware intrusion created by the Lazarus Group.” The problem was “reported on 4 September 2019 by the Indian Computer Emergency Response Team (CERT-In),” said NPCIL Deputy Director AK Nema.
According to Nema, experts investigated the problem promptly. The infected computer is used for management purposes and is isolated from the critical internal network, and the network in question is said to be continuously monitored.
The malware discovered this time is a spy tool named “DTrack”, which the global research and analysis team of the security company Kaspersky had found in financial institutions and research institutions in India. DTrack is believed to have been created by the Lazarus Group because it shares code with other malware used by the Lazarus Group.
DTrack acts as a spying and monitoring tool that can collect data about infected systems, record keystrokes, scan connected networks, and monitor active processes on infected computers. In addition, “ATMDtrack”, another version of the malware, was used to infiltrate Indian ATMs and steal customer card data.
Although, at the time of writing, it has not been confirmed that DTrack directly attacked the control system of the Kudankulam nuclear power plant, there is a view that this attack was preparation for a subsequent, more critical attack. A report on cyber attacks released by the International Committee of the Red Cross in May 2019 states that “first strikes on trusted systems make subsequent attacks easy”, and it has also been pointed out that the attackers, while lurking in a network that is relatively easy to intrude into, may have attempted to penetrate the isolated control systems on the occasion of software updates.